Apache Ivy:我应该把所有这些 JAR 文件放在哪里? [英] Apache Ivy: Where do I put all these JARs?
问题描述
我正在努力说服我工作场所的高层迁移到 Apache Ivy.我已经设法让一些沙箱项目使用 Ivy 来为构建提供动力,现在我有一个绿灯来制定迁移提案.
I'm trying to convince the higher-ups at my work place to migrate to Apache Ivy. I've managed to get a few sandbox projects working using Ivy to power the build, and now I have a greenlight to put together a migration proposal.
我们都同意一件事:我们不想信任位于公共目录中的 JAR!我知道,我知道,有点偏执,是的.但是我们希望有一个设置,我们从受信任的源中提取 JAR(从开源项目本身下载它,或者最有可能从 gulp,公共存储库中下载它),并在我们之前使用它一段时间证明"它(给予我们祝福,因为它是一个可以安全使用的神器).
We all agree on one thing: we don't want to trust JARs that are located in public directories! I know, I know, a bit paranoid, yes. But we'd like to have a setup where we pull a JAR from a trusted source (either downloading it from the open source project itself, or most likely, gulp, a public repo), and use it for some time before we "certify" it (give it our blessing as a safe artifact to use).
然后我们希望为我们的许多项目使用的所有 JAR 建立一个公共存储库.
Then we want to have a common repository for all JARs used by our many projects.
我最初的想法是将此存储库置于版本控制中(我们有一个 SVN 服务器).但我不确定什么是最佳实践.将我们的 JAR 文件放在文件服务器上并通过 Ivy 脚本通过 FTP 连接到它们可能更有意义.
My original thinking was to place this repository up in version control (we have an SVN server). But I wasn't sure what best practices dictate. It might make more sense to put our JARs on a file server and FTP to them in the Ivy script.
无论是 SVN (HTTPS) 还是 FTP,我们所有的服务器都经过身份验证.所以,少数问题:
Either way, SVN (HTTPS) or FTP, all of our servers are authenticated. So, a small number of questions:
- 我们应该在哪里发布所有经过认证的"JAR(从`log4j` 到我们生产的任何本土JAR)?最佳做法说明了什么?
- ivyrep"解析器类型不接受用户名或密码属性.如果我们的JAR 服务器"(FTP、SVN 等)通过了身份验证,我该如何配置 Ivy 脚本以进行登录?
推荐答案
为什么不使用类似 Sonatype 的 Nexus.我已经看到它用于 Maven,我相信它适用于 Ivy.
Why not use something like Sonatype's Nexus. I've seen it used for Maven, and I believe it'll work for Ivy.
您可以将其设置为从远程存储库下载到(例如)测试"存储库.然后,您可以评估这些 .jar,如果它们不错,则将它们上传到已批准"的存储库中以供一般使用.有一些围绕此的身份验证,但您必须更深入地评估它.当然,您可以通过用户名/密码对限制上传到存储库.
You can set it up to download from remote repositories into (say) a 'test' repository. You can then evaluate those .jars, and if they're good, upload them into an 'approved' repository for general consumption. There's some authentication surrounding this, but you'd have to evaluate that in greater depth. Certainly you can restrict the uploading into repositories via a username/password pair.
这篇关于Apache Ivy:我应该把所有这些 JAR 文件放在哪里?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
